<? 
// Start (or resume) the PHP session before anything else reads $_SESSION.
session_start();

// conn.php is pulled in before get_conn() and check_session() are called;
// presumably it defines them and the other helpers used in this script
// (do_redirect, save_options, error_handling) -- TODO confirm.
include 'conn.php';

// Database handle returned by get_conn(). The mysql_* calls in this script do
// not pass it explicitly, so they use the most recently opened link.
$db = get_conn();

// NOTE(review): presumably rejects requests without a valid login; every
// handler in this script runs after it and depends on it as the only
// visible access check -- confirm it stops execution on failure.
check_session();
		  
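// "Agregar" (add): insert a new resident row from the submitted form, store the
// selected options for it, then redirect according to the caller's role.
if (isset($_POST['Agregar']) && $_POST['Agregar'] != "") {

	// id_location is interpolated into the statement as a bare number, so it
	// must be a plain run of digits; anything else is rejected before a query
	// is built.
	$id_location = isset($_POST['id_location']) ? $_POST['id_location'] : '';

	if (!is_string($id_location) || !ctype_digit($id_location)) {
		error_handling('residents.insert  - invalid id_location', 'id_location must be numeric');
	} else {
		// Column list, in the order the row is written.
		$columns = array(
			'name', 'lastname', 'lastname2', 'id_location', 'id_number',
			'telefono', 'email', 'email2', 'comments', 'phone1', 'phone2',
			'phone3', 'ext', 'workplace', 'ocupation', 'moving_date',
		);

		$values = array();
		foreach ($columns as $column) {
			if ($column === 'id_location') {
				$values[] = (int) $id_location;
				continue;
			}

			$raw = (isset($_POST[$column]) && is_string($_POST[$column])) ? $_POST[$column] : '';

			// htmlspecialchars() is kept so stored values look the same as
			// before, but it is HTML encoding, not SQL escaping (a trailing
			// backslash still breaks out of the quoted literal). The value is
			// therefore also escaped for the SQL string context.
			$values[] = '"' . mysql_real_escape_string(htmlspecialchars($raw)) . '"';
		}

		$sql = "INSERT INTO residents (" . implode(',', $columns) . ") VALUES (" . implode(',', $values) . ")";

		$result = mysql_query($sql);

		if ($result) {
			$id_resident = mysql_insert_id();

			// NOTE(review): id_option is handed to save_options() unmodified;
			// confirm that helper validates or escapes it before using it in SQL.
			save_options(isset($_POST['id_option']) ? $_POST['id_option'] : null, $id_resident);

			$is_admin = isset($_SESSION['session_is_admin']) && $_SESSION['session_is_admin'] == 1;
			if (!$is_admin) {
				do_redirect('../welcome_user.php');
			} else {
				do_redirect('../locations.php');
			}
		} else {
			// NOTE(review): the full statement and the driver error are passed
			// on; confirm error_handling() logs them instead of echoing them
			// to the browser.
			error_handling('residents.insert  - ' . $sql, mysql_error());
		}
	}

}//Agregar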
		  
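// "Actualizar" (update): rewrite an existing resident row from the submitted
// form, store the selected options for it, then redirect by role.
if (isset($_POST['Actualizar']) && $_POST['Actualizar'] != "") {

	// Both ids are interpolated into the statement as bare numbers, so each
	// must be a plain run of digits; anything else is rejected before a query
	// is built.
	$id_location = isset($_POST['id_location']) ? $_POST['id_location'] : '';
	$id_resident = isset($_POST['id_resident']) ? $_POST['id_resident'] : '';

	$ids_valid = is_string($id_location) && ctype_digit($id_location)
		&& is_string($id_resident) && ctype_digit($id_resident);

	if (!$ids_valid) {
		error_handling('residents.update - invalid id', 'id_location and id_resident must be numeric');
	} else {
		// NOTE(review): nothing visible here ties id_resident to the logged-in
		// user, so a non-admin can name any row; confirm check_session() or a
		// later layer enforces ownership, and that form posts carry an
		// anti-CSRF token.
		$text_columns = array(
			'name', 'lastname', 'lastname2', 'id_number', 'telefono', 'email',
			'email2', 'comments', 'phone1', 'phone2', 'phone3', 'ext',
			'workplace', 'ocupation', 'moving_date',
		);

		$assignments = array();
		foreach ($text_columns as $column) {
			$raw = (isset($_POST[$column]) && is_string($_POST[$column])) ? $_POST[$column] : '';

			// htmlspecialchars() is kept so stored values look the same as
			// before, but it is HTML encoding, not SQL escaping; the value is
			// also escaped for the SQL string context.
			$assignments[] = $column . '="' . mysql_real_escape_string(htmlspecialchars($raw)) . '"';
		}
		$assignments[] = 'id_location=' . (int) $id_location;

		$sql = "update residents set " . implode(",\n\t", $assignments)
			. "\n\twhere id_resident=" . (int) $id_resident;

		$result = mysql_query($sql);

		if ($result) {
			// NOTE(review): id_option is handed to save_options() unmodified;
			// confirm that helper validates or escapes it before using it in SQL.
			save_options(isset($_POST['id_option']) ? $_POST['id_option'] : null, (int) $id_resident);

			$is_admin = isset($_SESSION['session_is_admin']) && $_SESSION['session_is_admin'] == 1;
			if (!$is_admin) {
				do_redirect('../welcome_user.php');
			} else {
				do_redirect('../locations.php');
			}
		} else {
			// NOTE(review): the full statement and the driver error are passed
			// on; confirm error_handling() logs them instead of echoing them
			// to the browser.
			error_handling('residents.update - ' . $sql, mysql_error());
		}
	}

}//update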
		  
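// "Eliminar" (delete): remove one resident row, then redirect by role.
if (isset($_POST['Eliminar']) && $_POST['Eliminar'] != "") {

	// id_resident is interpolated into the WHERE clause as a bare number. An
	// unvalidated value here could widen the DELETE to other rows, so only a
	// plain run of digits is accepted.
	$id_resident = isset($_POST['id_resident']) ? $_POST['id_resident'] : '';

	if (!is_string($id_resident) || !ctype_digit($id_resident)) {
		error_handling('residents.delete - invalid id_resident', 'id_resident must be numeric');
	} else {
		// NOTE(review): nothing visible here ties id_resident to the logged-in
		// user, so a non-admin can name any row; confirm check_session() or a
		// later layer enforces ownership, and that form posts carry an
		// anti-CSRF token.
		$sql = "delete from residents where id_resident=" . (int) $id_resident;

		$result = mysql_query($sql);

		if ($result) {
			$is_admin = isset($_SESSION['session_is_admin']) && $_SESSION['session_is_admin'] == 1;
			if (!$is_admin) {
				do_redirect('../welcome_user.php');
			} else {
				do_redirect('../locations.php');
			}
		} else {
			// NOTE(review): the full statement and the driver error are passed
			// on; confirm error_handling() logs them instead of echoing them
			// to the browser.
			error_handling('residents.delete - ' . $sql, mysql_error());
		}
	}

}//delete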
		  
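// "Nuevo" (new): no database work, only the role-based redirect.
// isset() guards keep a request without this button, or a session without the
// admin flag, from raising undefined-index notices; the branch taken is the
// same as before.
if (isset($_POST['Nuevo']) && $_POST['Nuevo'] != "") {

	$is_admin = isset($_SESSION['session_is_admin']) && $_SESSION['session_is_admin'] == 1;

	if (!$is_admin) {
		do_redirect('../welcome_user.php');
	} else {
		do_redirect('../locations.php');
	}

}//Nuevo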
	
?>